Leveraging Compression-Based Graph Mining for Behavior-Based Malware Detection

Wuchner Tobias; Cislak Aleksander; Ochoa Martin; Pretschner Alexander

首页> 外文期刊>IEEE transactions on dependable and secure computing >Leveraging Compression-Based Graph Mining for Behavior-Based Malware Detection

【24h】

Leveraging Compression-Based Graph Mining for Behavior-Based Malware Detection

机译：利用基于压缩的图挖掘进行基于行为的恶意软件检测

获取原文

获取原文并翻译 | 示例

开具论文收录证明 >>

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Behavior-based detection approaches commonly address the threat of statically obfuscated malware. Such approaches often use graphs to represent process or system behavior and typically employ frequency-based graph mining techniques to extract characteristic patterns from collections of malware graphs. Recent studies in the molecule mining domain suggest that frequency-based graph mining algorithms often perform sub-optimally in finding highly discriminating patterns. We propose a novel malware detection approach that uses so-called compression-based mining on quantitative data flow graphs to derive highly accurate detection models. Our evaluation on a large and diverse malware set shows that our approach outperforms frequency-based detection models in terms of detection effectiveness by more than 600 percent.

机译：基于行为的检测方法通常可解决静态混淆的恶意软件的威胁。此类方法通常使用图形来表示过程或系统行为，并且通常采用基于频率的图形挖掘技术从恶意软件图形的集合中提取特征模式。分子挖掘领域的最新研究表明，基于频率的图挖掘算法通常在发现高度区分的模式时表现欠佳。我们提出了一种新颖的恶意软件检测方法，该方法在定量数据流图上使用所谓的基于压缩的挖掘，以得出高度准确的检测模型。我们对各种大型恶意软件的评估表明，在检测效率方面，我们的方法优于基于频率的检测模型。

著录项

来源
《IEEE transactions on dependable and secure computing》 |2019年第1期|99-112|共14页
作者
Wuchner Tobias; Cislak Aleksander; Ochoa Martin; Pretschner Alexander;
展开▼
作者单位

Tech Univ Munich, Comp Sci Dept, D-85748 Munich, Germany;

Warsaw Univ Technol, Fac Math & Informat Sci, PL-00661 Warsaw, Poland;

Singapore Univ Technol & Design, Informat Syst Technol & Design Dept, Singapore 487372, Singapore;

Tech Univ Munich, Comp Sci Dept, D-85748 Munich, Germany;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
Malware detection; quantitative data flow analysis; data mining; graph mining; machine learning;

机译：恶意软件检测;定量数据流分析;数据挖掘;图挖掘;机器学习;

相似文献

外文文献
中文文献
专利

1. G3MD: Mining frequent opcode sub-graphs for metamorphic malware detection of existing families [J] . Alireza Khalilian, Amir Nourazar, Mojtaba Vahidi-Asl, Expert Systems with Application . 2018,第DECa期

机译：G3MD：挖掘频繁的操作码子图以检测现有家庭的变态恶意软件
2. Guilt by Association: Large Scale Malware Detection by Mining File-relation Graphs [J] . Acar Tamersoy, Kevin Roundy, Duen Horng Chau SIGKDD explorations . 2014,第CDaROM期

机译：关联有罪：通过挖掘文件关系图进行大规模恶意软件检测
3. Monet: A User-Oriented Behavior-Based Malware Variants Detection System for Android [J] . Mingshen Sun, Xiaolei Li, John C. S. Lui, Information Forensics and Security, IEEE Transactions on . 2017,第5期

机译：Monet：适用于Android的基于用户的基于行为的恶意软件变体检测系统
4. Graph-Based Data Mining in Dynamic Networks: Empirical Comparison of Compression-Based and Frequency-Based Subgraph Mining [C] . You Chang Hun, Holder Lawrence B., Cook Diane J. IEEE Interntional Conference on Data Mining Workshops . 2008

机译：基于图的动态网络中的数据挖掘：基于压缩和基于频率的子图挖掘的经验比较
5. Behavior-based malware detection. [D] . Christodorescu, Mihai. 2007

机译：基于行为的恶意软件检测。
6. A Malware Detection Scheme Based on Mining Format Information [O] . Jinrong Bai, Junfeng Wang, Guozhong Zou -1

机译：基于挖掘格式信息的恶意软件检测方案
7. Graph-based data mining in dynamic networks: Empirical comparison of compression-based and frequency-based subgraph mining [O] . Chang Hun You, Lawrence B. Holder, Diane J. Cook 2008

机译：动态网络中基于图的数据挖掘：基于压缩和基于频率的子图挖掘的经验比较

Leveraging Compression-Based Graph Mining for Behavior-Based Malware Detection

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅